Configure key-based SSH authentication
IMPORTANT: Before following the steps below, ensure that your application server is running.
To configure the SSH server to support key-based authentication, follow these steps:
- Log in to the server console as the bitnami user.
- Create a key pair, consisting of a public and private key, as shown below. Set a long passphrase when prompted.
    $ ssh-keygen
    Generating public/private rsa key pair.
    Enter file in which to save the key (/home/bitnami/.ssh/id_rsa):
    Enter passphrase (empty for no passphrase):
    Enter same passphrase again:
    Your identification has been saved in /home/bitnami/.ssh/id_rsa.
    Your public key has been saved in /home/bitnami/.ssh/id_rsa.pub.
    The key fingerprint is:
    XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX bitnami@linux
  This command should create two files named id_rsa and id_rsa.pub in the /home/bitnami/.ssh directory.
- Copy the private key file named id_rsa to a secure location. Do not share this private key file.
- Transfer the contents of the public key file to the /home/bitnami/.ssh/authorized_keys file:
    $ cd /home/bitnami/.ssh
    $ cat id_rsa.pub >> /home/bitnami/.ssh/authorized_keys
- Edit the /etc/ssh/sshd_config file and uncomment (or add if not already present) the following lines:
    RSAAuthentication yes
    PubkeyAuthentication yes
- In the same file, disable basic password authentication (if not already disabled). Uncomment or add the following lines:
    ChallengeResponseAuthentication no
    PasswordAuthentication no
    UsePAM no
- Restart the SSH server for the new configuration to take effect:
    $ sudo /etc/init.d/ssh force-reload
    $ sudo /etc/init.d/ssh restart
You can now use the private key file to connect to the virtual machine using SSH.
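The sshd_config steps above say to "uncomment or add" lines, which can leave an older, conflicting line in place. The following script is an added example, not part of the original guide: it reports the value sshd would actually use for each keyword. The function names and the sample file are constructed for illustration.

```shell
# sshd uses the FIRST value it reads for each keyword, so a line added at the
# end of sshd_config does not override an earlier uncommented one.

# Print the effective (first) global value of KEYWORD in FILE, lowercased;
# prints nothing if unset. Assumptions: "Keyword value" syntax, Include files
# are not followed, and parsing stops at the first Match block.
effective_value() {
    awk -v want="$2" '
        BEGIN { want = tolower(want) }
        { sub(/^[ \t]+/, "") }          # strip leading whitespace
        /^#/ || /^$/ { next }           # skip comments and blank lines
        tolower($1) == "match" { exit } # global section ends here
        tolower($1) == want { print tolower($2); exit }
    ' "$1"
}

# Compare FILE with the values set in the steps above; print each mismatch.
# An unset keyword counts as a mismatch. RSAAuthentication is not checked: it
# applies to SSH protocol 1 only. Returns 0 if all match, 1 otherwise.
audit_sshd_config() {
    rc=0
    for pair in PubkeyAuthentication=yes PasswordAuthentication=no \
                ChallengeResponseAuthentication=no UsePAM=no; do
        key=${pair%%=*}; want=${pair#*=}
        got=$(effective_value "$1" "$key")
        if [ "$got" != "$want" ]; then
            echo "MISMATCH $key: effective '${got:-unset}', expected '$want'"
            rc=1
        fi
    done
    return $rc
}

# Constructed sample: "PasswordAuthentication no" was added at the end, but an
# earlier uncommented "yes" line is still the one sshd would use.
write_sample() {
    cat > "$1" <<'EOF'
#PubkeyAuthentication yes
PubkeyAuthentication yes
PasswordAuthentication yes
ChallengeResponseAuthentication no
UsePAM no
PasswordAuthentication no
EOF
}

sample=$(mktemp) && write_sample "$sample"
audit_sshd_config "$sample" || echo "fix sshd_config before restarting sshd"
rm -f "$sample"
```

On the server itself, `sudo sshd -t` checks the real file for syntax errors before the restart, and `sudo sshd -T` prints the settings sshd resolves from it.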